Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability

Monday, April 4th, 2005
by Marc Erickson

Critical: Moderately critical

Impact: Exposure of system information, Exposure of sensitive information

Where: From remote

Solution Status: Unpatched

Software: Mozilla Firefox 0.x, Mozilla Firefox 1.x

A vulnerability has been discovered in Mozilla Firefox, which can be exploited by malicious people to gain knowledge of potentially sensitive information.

The vulnerability is caused due to an error in the JavaScript engine, as a “lambda” replace exposes arbitrary amounts of heap memory after the end of a JavaScript string.

Successful exploitation may disclose sensitive information in memory.

Secunia has constructed a test, which can be used to check if your browser is affected by this issue:
http://secunia.com/mozilla_products_arbitrary_memory_exposure_test/

The vulnerability has been confirmed in versions 1.0.1 and 1.0.2. Other versions may also be affected.

Solution:
Disable JavaScript support.

[Continue reading Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability]

What Do You Think?

Want to Start a Blog Here for Free?

Are you an expert in one subject or another? If your goal is to help others and dispense hard-earned information back to the community, stake a claim on your very own Lockergnome blog today! You can write about anything - no matter the topic. Sign-up to start blogging!

Environment - Jul 25, 2008

New Twist That May Cut CO2 Levels To Pre-Industrial Levels

Tongue Drive Technology
Friday, July 25, 2008
New Population Of Highly Threatened Lemur Found
Friday, July 25, 2008
Researchers Find Key To Saving The World’s Lakes
Thursday, July 24, 2008
Researchers Grow Human Blood Vessels In Mice
Thursday, July 24, 2008
Nanotechnology: Learning From Past Mistakes
Thursday, July 24, 2008

Internet, Security - Jul 23, 2008

Security Flaws In Online Banking Sites Found To Be Widespread

Carbon Dioxide Laser Resurfacing May Reduce Wrinkles
Wednesday, July 23, 2008
Closing The Hydrogen Economic Loop
Wednesday, July 23, 2008
Saharan Dust Storms Sustain Life In Atlantic Ocean
Tuesday, July 22, 2008
iTunes Allows Radiologists To Save, Sort, And Search Files
Tuesday, July 22, 2008
An ID For Alzheimer’s?
Tuesday, July 22, 2008

Health - Jul 17, 2008

Biological Marker For Alzheimer’s Holds Promise For Earlier Diagnosis

Lead Shot And Sinkers: Weighty Implications For Fish And Wildlife Health
Thursday, July 17, 2008
Sociological Analysis Shows Emergence Of Rights Revolution In China
Thursday, July 17, 2008
Software Helps Developers Get Started With PIV Cards
Wednesday, July 16, 2008
Purified Stem Cells Restore Muscle In Mice With Muscular Dystrophy
Wednesday, July 16, 2008
MIT Opens New Window On Solar Energy
Wednesday, July 16, 2008

Environment - Jul 15, 2008

Water: The Forgotten Crisis

Molecular Motor Works By Detecting Minute Changes In Force
Tuesday, July 15, 2008
Polished To Perfection
Tuesday, July 15, 2008
Always At Your Service
Monday, July 14, 2008
Gender, Time Of Day Affect Response To Vaccination
Monday, July 14, 2008
Can Microorganisms Be A Solution To The World’s Energy Problems?
Monday, July 14, 2008

Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability

Tags

Categories

What Do You Think?

Want to Start a Blog Here for Free?

Environment - Jul 25, 2008

New Twist That May Cut CO2 Levels To Pre-Industrial Levels

Internet, Security - Jul 23, 2008

Security Flaws In Online Banking Sites Found To Be Widespread

Health - Jul 17, 2008

Biological Marker For Alzheimer’s Holds Promise For Earlier Diagnosis

Environment - Jul 15, 2008

Water: The Forgotten Crisis

What else is new in Tech News Watch?

Researchers Find Key To Saving The World’s Lakes

Researchers Grow Human Blood Vessels In Mice

Nanotechnology: Learning From Past Mistakes

Security Flaws In Online Banking Sites Found To Be Widespread

Carbon Dioxide Laser Resurfacing May Reduce Wrinkles

Random Posts From the Archives

Microsoft Security Bulletin MS04-015

Google’s year in review">Google’s year in review

Ultrasound May Help Regrow Teeth

Microsoft taps Wal-Mart executive as new COO

Become a technology evangelist for Amazon?

Further Reading

Tags

Categories

What Do You Think?

Want to Start a Blog Here for Free?

Environment - Jul 25, 2008

Internet, Security - Jul 23, 2008

Health - Jul 17, 2008

Environment - Jul 15, 2008

What else is new in Tech News Watch?

Random Posts From the Archives

Google’s year in review">Google’s year in review